OWASP ASVS Level 2

Security audit
in one command

Pre-scan your app for CASA Tier 2 compliance. Fix issues before the assessor arrives.

Install 
$ git clone https://github.com/acoyfellow/vet && cd vet
$ bun install && bun build src/cli.ts --compile --outfile vet
$ ./vet https://your-app.com

Try it live

Runs a lightweight scan from the edge — headers, methods, CORS, error disclosure.

Headers

V9.1

HSTS, CSP, X-Frame-Options, Permissions-Policy, and more.

TLS/SSL

V9.3

Certificate validation, TLS 1.2+ enforcement, mixed content.

Methods

V9.2

TRACE/TRACK blocked, proper 405 responses.

Errors

V7

No stack traces, no version strings, no internal paths.

CORS

V9.4

No wildcard on credentialed routes, no origin reflection.

Input

V5

SQL injection, XSS, path traversal, malformed payloads.

Read the tutorial CLI reference